Skip to main content
CVE-2023-37917 HIGH POC PATCH This Week

KubePi is an opensource kubernetes management panel. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Kubernetes Kubepi
NVD GitHub
CVSS 3.1
8.8
EPSS
0.6%
CVE-2023-3808 HIGH POC This Week

A vulnerability was found in Hospital Management System 1.0 and classified as critical. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Hospital Management System
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.6%
CVE-2023-3807 HIGH POC This Week

A vulnerability has been found in Campcodes Beauty Salon Management System 1.0 and classified as critical. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Beauty Salon Management System
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.6%
CVE-2023-3813 HIGH POC This Week

The Jupiter X Core plugin for WordPress is vulnerable to arbitrary file downloads in versions up to, and including, 4.6.6. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

WordPress Path Traversal Jupiter X Core
NVD VulDB
CVSS 3.1
7.5
EPSS
1.2%
CVE-2023-37918 HIGH POC PATCH This Week

Dapr is a portable, event-driven, runtime for building distributed applications across cloud and edge. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Authentication Bypass Dapr
NVD GitHub
CVSS 3.1
7.5
EPSS
1.1%
CVE-2023-37916 HIGH POC PATCH This Week

KubePi is an opensource kubernetes management panel. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Kubernetes Information Disclosure Kubepi
NVD GitHub
CVSS 3.1
7.5
EPSS
0.7%
CVE-2023-37915 HIGH POC This Week

OpenDDS is an open source C++ implementation of the Object Management Group (OMG) Data Distribution Service (DDS). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Opendds
NVD GitHub
CVSS 3.1
7.5
EPSS
0.8%
CVE-2021-35391 HIGH POC This Week

Server Side Request Forgery vulnerability found in Deskpro Support Desk v2021.21.6 allows attackers to execute arbitrary code via a crafted URL. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE SSRF Deskpro
NVD
CVSS 3.1
7.2
EPSS
0.9%
CVE-2023-3820 HIGH POC PATCH This Week

SQL Injection in GitHub repository pimcore/pimcore prior to 10.6.4. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

SQLi Pimcore
NVD GitHub
CVSS 3.1
7.2
EPSS
1.0%
CVE-2023-25837 HIGH This Week

There is a Cross‑Site Scripting (XSS) vulnerability in Esri ArcGIS Enterprise Sites versions 10.9 and below that may allow a remote, authenticated attacker to create a crafted link which, when. Rated high severity (CVSS 8.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Portal For Arcgis
NVD
CVSS 3.1
8.4
EPSS
1.0%
CVE-2023-25835 HIGH This Week

There is a stored Cross‑Site Scripting (XSS) vulnerability in Esri Portal for ArcGIS Sites versions 11.1 and below that may allow a remote, authenticated attacker with high‑privileged access to. Rated high severity (CVSS 8.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Portal For Arcgis
NVD
CVSS 3.1
8.4
EPSS
0.9%
CVE-2023-3776 HIGH PATCH This Week

A use-after-free vulnerability in the Linux kernel's net/sched: cls_fw component can be exploited to achieve local privilege escalation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Privilege Escalation Linux Memory Corruption Linux Kernel +1
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2023-3611 HIGH PATCH This Week

An out-of-bounds write vulnerability in the Linux kernel's net/sched: sch_qfq component can be exploited to achieve local privilege escalation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Memory Corruption Buffer Overflow Linux Privilege Escalation Linux Kernel +1
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-3610 HIGH PATCH This Week

A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Privilege Escalation Linux Memory Corruption Linux Kernel +1
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-3609 HIGH PATCH This Week

A use-after-free vulnerability in the Linux kernel's net/sched: cls_u32 component can be exploited to achieve local privilege escalation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Privilege Escalation Linux Memory Corruption Linux Kernel +1
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2023-28730 HIGH This Week

A memory corruption vulnerability Panasonic Control FPWIN Pro versions 7.6.0.3 and all previous versions may allow arbitrary code execution when opening specially crafted project files. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Control Fpwin Pro
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-28729 HIGH This Week

A type confusion vulnerability in Panasonic Control FPWIN Pro versions 7.6.0.3 and all previous versions may allow arbitrary code execution when opening specially crafted project files. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Control Fpwin Pro
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-28728 HIGH This Week

A stack-based buffer overflow in Panasonic Control FPWIN Pro versions 7.6.0.3 and all previous versions may allow arbitrary code execution when opening specially crafted project files. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow RCE Control Fpwin Pro
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-35077 HIGH This Week

An out-of-bounds write vulnerability on windows operating systems causes the Ivanti AntiVirus Product to crash. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Ivanti Microsoft Endpoint Manager
NVD
CVSS 3.1
7.5
EPSS
1.5%
CVE-2023-36339 HIGH This Week

An access control issue in WebBoss.io CMS v3.7.0.1 allows attackers to access the Website Backup Tool via a crafted GET request. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Webboss Io Cms
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2023-35086 HIGH This Week

It is identified a format string vulnerability in ASUS RT-AX56U V2 & RT-AC86U. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Rt Ac86U Firmware Rt Ax56U V2 Firmware
NVD
CVSS 3.1
7.2
EPSS
38.9%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy